On Sun, 2011-08-21 at 02:50 +0200, Patrick Lists wrote:

> Maybe SELinux blocks Apache from writing to /etc/sysconfig/iptables?
> Have you looked at ? These apps seem to offer a 
> similar solution.

I'm not using SELinux at the moment simply because I don't have the time
to understand it. I'm a self-taught Linuxist. I believe it uses the
'labels' inherent with every file description block.

With Craig's SU suggestion, I believe my attack detection system will
successfully block the attacker's IP address on a server and for a
selected ports only.

I will look at fail2ban and denyhosts and see how they can help.

Thank you.

With best regards,


CentOS mailing list

Reply via email to